The Chinese Government has been further accused of attacks against Government agencies, companies and journalists across India and Southeast Asia over the past ten years.
According to a report by FireEye, the attacks by APT 30 began in 2005, and the crucial evidence consists of an operating manual written in Chinese, a code base that was seemingly developed by Chinese developers, and a related domain registered to a suspicious ‘tea company’ in rural China.
“Their targets possess information that most likely serves the Chinese government’s needs for intelligence about key Southeast Asian regional political, economic, and military issues, disputed territories, and discussions related to the legitimacy of the Chinese Communist Party,” the company said in an announcement.
In particular, APT 30 has a structured and organised workflow, illustrative of a collaborative team environment, and their malware reflects a coherent development approach. FireEye said that the primary goal appears to be sensitive information theft for Government espionage, and that the group uses malware with the ability to steal information (such as specific file types) and, in some cases, to infect removable drives with the potential to jump air gaps.